Escaping strings

Hi,

This seems rather easy, but it's got me stuck.

I am using Ruby DBI to insert records into a MySQL database.

dbh.do("INSERT INTO sentences (id,text)
    VALUES
    (#{id},#{sentence})")

The sentence is a pretty long and complex string having many special
characters. I can't seem to escape it out; I tried CGI and the %&&
delimiters, but I can't get it to work.

I appreciate your help!

Thanks!

--
Posted via http://www.ruby-forum.com/.

Nvm, got it.

require 'mysql'

   sentence = Mysql.escape_string(sentence.to_s)
    dbh.do("INSERT INTO sentences (id,text)
    VALUES
    (#{id}, '" + sentence + "')")

   :)


I'd rather use prepared statements with bind variables. This is much safer and also you can offload a bit of work from the database.

Kind regards

  robert

On 03/07/2010 09:14 AM, Krishna Rokhale wrote:

Nvm, got it.

require 'mysql'

   sentence = Mysql.escape_string(sentence.to_s)
    dbh.do("INSERT INTO sentences (id,text)
    VALUES
    (#{id}, '" + sentence + "')")

   :)

--
remember.guy do |as, often| as.you_can - without end
http://blog.rubybestpractices.com/
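
The prepared-statement approach suggested in the reply above, as an added example that is not part of the original thread. It uses the `prepare`/`execute`/`finish` interface of Ruby DBI; `insert_sentences` and `RecordingHandle` are hypothetical names, and `RecordingHandle` is a constructed stand-in for the database handle returned by `DBI.connect`, so the example runs without a MySQL server.

```ruby
# Added example: insert rows through one prepared statement with bind variables.
# Works with any handle that offers DBI's prepare/execute/finish interface.
INSERT_SQL = "INSERT INTO sentences (id, text) VALUES (?, ?)".freeze

# Hypothetical helper: prepares once, then executes once per [id, sentence] row.
# Values travel as bind variables, so no escaping or quoting is done here.
def insert_sentences(dbh, rows)
  sth = dbh.prepare(INSERT_SQL)
  rows.each { |id, sentence| sth.execute(Integer(id), sentence.to_s) }
  rows.length
ensure
  sth&.finish
end

# Constructed stand-in for a DBI database handle so the example runs offline.
# It records what a driver would receive: statement text and bind values.
class RecordingHandle
  attr_reader :prepared, :executions

  Statement = Struct.new(:log) do
    def execute(*binds)
      log << binds
    end

    def finish; end
  end

  def initialize
    @prepared = []
    @executions = []
  end

  def prepare(sql)
    @prepared << sql
    Statement.new(@executions)
  end
end

# Constructed sample rows containing quotes, a backslash and a comment marker.
SAMPLE_ROWS = [
  [1, %q{It's a "long" sentence; with \ and -- odd characters}],
  [2, "O'Reilly said: 100% & more"]
].freeze

if __FILE__ == $PROGRAM_NAME
  dbh = RecordingHandle.new
  insert_sentences(dbh, SAMPLE_ROWS)
  puts dbh.prepared.inspect, dbh.executions.inspect
end
```

The statement text is sent once and never contains the sentence, and `Integer(id)` rejects a non-numeric id before anything reaches the database.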

Robert Klemme wrote:

On 03/07/2010 09:14 AM, Krishna Rokhale wrote:

   :)

I'd rather use prepared statements with bind variables. This is much
safer and also you can offload a bit of work from the database.

Kind regards

  robert

Thanks!